Original Source: http://hackmii.com/2009/09/dsi-ram-hax/
Credit: Bushing @ HackMii
We have no grand master exploit (yet), but have learned the following things:
- There is a considerable amount of ROM (128K+?) and RAM (1MB+?) inside the CPU
- The internal ROM is quite sophisticated, compared to that of the Starlet (boot0) — it is able to initialize both LCD panels, read from the SPI flash and the MMC NAND flash, and decrypt the contents of the 2nd-stage bootloader from NAND into internal RAM. If there is an error, it can display an error code on the top LCD.
- The second stage bootloader is analogous to boot2 on the Wii — it can read the TMD for the System Menu from the NAND filesystem and load the contents into memory. Like the Wii, the code seems to be stored in NAND unencrypted (inside an encrypted filesystem). Unlike the Wii, it seems to actually verify the contents and signature of the TMD before executing it.
- Most of the interesting keys seem to be stored inside internal RAM, safely out of reach from us. They are cleared when a cartridge is loaded, and probably even when a DSiWare app is loaded.
In ARSC News:
We have a new VIP member, Sergeant! He is a great DS Hacker and he makes AR-DS Cheat codes and subscriptions so if you have any requests for him or the other AR-DS coder/subscription maker (Microchip55) please use this form or email:
Sergeant at sharkracer14@yahoo.com
Microchip55 at clubpenguinman9@yahoo.com